[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] Passive Spam Revocation

Yao Ziyuan wrote:
> STEP 2: A's mail client sends the message, waits 30 seconds, and then visits:
>     https://spamstatus.<B's mail domain>/?msgid=<Message-ID>&code=<PSR-Code>
> This page displays one of these possible "spam statuses":
>     * MESSAGE CONSIDERED SPAM. (A CAPTCHA is also presented below.)
>     * MESSAGE CONSIDERED NOT SPAM.

A possibile problem is that a spammer can send a few test messages,
check which one is not considered spam and flood with the same kind of
message for a while, then check again and change format if required,
thus increasing spam effectiveness. It doesn't need to solve the captcha
for this.

-- 

Claudio Telmon
claudio at telmon.org
http://www.telmon.org